Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via 1 the pid attribute to the getAttributejson function to application/controllers/admin/participantsaction.php in CPDB, 2 the sa parameter to...

CVE-2014-5016

Multiple cross-site scripting XSS vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via 1 the pid attribute to the getAttributejson function to application/controllers/admin/participantsaction.php in CPDB, 2 the sa parameter to...

Ecmall的SQL注入第三弹

简要描述： RT。 详细说明： 首先注册一个会员 然后申请开店 ECmall 在添加一个商品的时候可以从csv 中导入 看看代码。 在app/mygoods.app.php中 function import if !ISPOST $this-assign'noteforimport', sprintfLANG::get'noteforimport', CHARSET; / 当前页面信息 / $this-curlocalLANG::get'membercenter', 'index.php?app=member', LANG::get'mygoods',...

Daphne - Tool for killing, controlling and debugging processes in Windows

Daphne is a small application for killing, controlling and debugging Windows’ processes. It was born to kill a windows process and became almost a task manager replacement. You can kill a process by dragging the mouse over the windows, by right-clicking the process in the main process list, or by...

OpenOffice 3.1 - '.csv' File Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37807/info OpenOffice is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.csv' file. Successful exploits will cause the...

CitrusDB 0.3.6 uploadcc.php Arbitrary Database Injection

No description provided by source. source: http://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the...

CitrusDB 0.3.6 importcc.php CSV File SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the...

BACnet OPC Client Buffer Overflow

No description provided by source. $Id: bacnetcsv.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Reportico Admin Credential Leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECV-05-1402 - Reportico software admin credentials leak Product description: Reportico is a comprehensive Open Source web reporting tool written purely in PHP. Reportico provides a web-based front end screen for designing and viewing reports stored i...

Automater v2.0 - URL/Domain, IP Address, and Md5 Hash OSINT Tool

Automater is a URL/Domain, IP Address, and Md5 Hash OSINT tool aimed at making the analysis process easier for intrusion Analysts. Given a target URL, IP, or HASH or a file full of targets Automater will return relevant results from sources like the following: IPvoid.com, Robtex.com,...

CVE-2014-3961

SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/...

Sql injection

SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter in an "output CSV" action to pdb-signup/...

RAWR - Rapid Assessment of Web Resources

Introducing RAWR Rapid Assessment of Web Resources. There’s a lot packed in this tool that will help you get a better grasp of the threat landscape that is your client’s web resources. It has been tested from extremely large network environments, down to 5 node networks. It has been fine-tuned to...

How To Export Windows Event Logs

Purpose When submitting a support case for technical assistance, it is sometimes necessary to upload relevant Windows event logs in addition to the Veeam logs. Event logs exported using default settings can be missing important information. This article describes three different methods of...

CVE-2014-2460

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users to affect confidentiality via vectors related to CSV Management...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users to affect confidentiality via vectors related to CSV Management...

CVE-2014-2460

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users to affect confidentiality via vectors related to CSV Management...

CVE-2014-2460

CVE-2014-2460 affects Oracle Transportation Management within Oracle Supply Chain Products Suite versions 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3. The vulnerability is described as an unspecified issue that allows remote authenticated users to affect confidentiality via vectors relate...

[NetBScanner] NetBIOS Scanner

NetBScanner is a network scanner tool that scans all computers in the IP addresses range you choose, using NetBIOS protocol. For every computer located by this NetBIOS scanner, the following information is displayed: IP Address, Computer Name, Workgroup or Domain, MAC Address, and the company tha...

[CSVFileView] CSV/Tab-delimited file viewer and converter

CSVFileView is a simple CSV file viewer/converter utility that allows you to easily view the content of CSV or tab-delimited file created by NirSoft utilities or by any other software, in a simple table viewer. You can sort the lines according to one of the fields, remove unwanted fields and chan...